December 4, 2017 
< | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | >
December 4, 2017 [00:22:41] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has quit IRC (Ping timeout: 260 seconds)[00:31:34] *** mattcen <mattcen!~mattcen@c122-108-68-124.sunsh1.vic.optusnet.com.au> has joined #postfix[00:34:38] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has quit IRC (Quit: cemotyz09)[00:37:31] *** ariscop <ariscop!~Phase4@icookc.lnk.telstra.net> has joined #postfix[00:37:49] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has joined #postfix[00:39:02] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has joined #postfix[00:39:57] *** maslen <maslen!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 240 seconds)[00:58:25] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 248 seconds)[01:00:01] *** jrabe <jrabe!irc@janikrabe.com> has quit IRC (Quit: Scheduled maintenance)[01:00:29] *** maslen <maslen!~maslen@unaffiliated/maslen> has joined #postfix[01:02:16] *** jrabe <jrabe!irc@bouncer.tech> has joined #postfix[01:54:51] *** ruel is now known as lvlinux[02:12:43] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[02:35:09] *** nomeed <nomeed!~nomeed@p57A87CEE.dip0.t-ipconnect.de> has quit IRC (Remote host closed the connection)[02:49:29] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 268 seconds)[03:03:40] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix[03:04:05] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 255 seconds)[03:07:57] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[03:19:41] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[03:26:32] *** twb <twb!~twb@203.7.155.119> has joined #postfix[03:26:57] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has quit IRC (Ping timeout: 240 seconds)[03:27:04] <twb> Is there a "proper" way for an email to say "don't bother trying to reply to me" ?[03:27:18] <twb> Or does everyone just do like From: noreply at example dot com[03:30:01] *** RadoQ <RadoQ!~cheater@unaffiliated/radoq> has joined #postfix[03:40:19] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has joined #postfix[03:49:15] <petn-randall> twb: If it's a machine-generated mail, it's also custom to not set the return-path. And of course not accept mail for noreply@.[03:50:20] <pj> petn-randall: wrong[03:51:02] <pj> the Return-Path header is set by the MDA to the envelope sender. You can't "not set" it from the source.[03:51:53] <petn-randall> Cunningham's Law strikes again. :)[03:54:26] <petn-randall> pj: How does it work with bounce mails then, which don't have the return-path set?[03:59:36] *** inferus-vir <inferus-vir!~inferus-v@192-0-174-247.cpe.teksavvy.com> has joined #postfix[04:06:51] *** chachasmooth_ <chachasmooth_!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[04:07:47] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 276 seconds)[04:10:39] <rob0> return-path is set by the receiving MTA, to the envelope sender address.[04:11:41] <rob0> you COULD use a null sender address "<>", but that would mean you can't get bounces, and you should receive and process bounces.[04:13:28] <twb> Okey dokey[04:14:04] <twb> I was kinda hoping there'd be an RFC like X-I-am-a-robot-who-will-not-read-replies: yes[04:14:30] <twb> And then conforming MUAs would like grey out the reply button[04:14:32] <rob0> nope, right, there's not[04:14:36] <twb> Oh well[04:15:11] <rob0> interesting idea, put that down for the discussion of SMTP's replacement protocol ;)[04:16:10] <twb> Is that happening presently?[04:16:32] <twb> I heard that an IMAP replacement was in the works at fastmail[04:16:43] <twb> Something based on JSON and HTTP IIRC[04:17:46] <rob0> haha, I was kidding, I doubt there will be much agreement on replacing smtp[04:18:15] <rob0> although ... seriously ... it's the only way to fix it[04:18:58] <rob0> these years of experience with Internet mail should have taught [a few of] us something.[04:21:49] <rob0> Now we have companies like Google and Microsoft and Facebook that want to "own" communications for their users. I think it's in their economic interest to keep things as they are.[04:44:51] *** JPT <JPT!~jpt@classified.name> has quit IRC (Read error: Connection reset by peer)[04:47:12] *** JPT <JPT!~jpt@classified.name> has joined #postfix[04:51:19] <inferus-vir> !showconfig[04:51:19] <knoba> inferus-vir: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[04:58:02] <inferus-vir> !relevant_logs[04:58:03] <knoba> inferus-vir: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging[04:59:37] <inferus-vir> !pastebin[04:59:37] <knoba> inferus-vir: "pastebin" : A pastebin site lets you easily share logs and configuration. Examples are dpaste.org, fpaste.org, pastebin.ca, paste.ee, ptpb.pw, ix.io and many others. Please avoid ad-supported sites such as pastebin.com if possible.[05:05:04] *** eelstrebor <eelstrebor!~eelstrebo@216-75-116-100.res.dyn.allophone.biz> has quit IRC (Quit: Ex-Chat)[05:05:10] <inferus-vir> postconf data: https://pastebin.ca/3944127, log data: https://pastebin.ca/3944125[05:06:20] <inferus-vir> anyone wanna guide a noob setting mail server on centos7 vm?[05:21:20] *** visip <visip!~visix@gateway/tor-sasl/visip> has quit IRC (Remote host closed the connection)[05:21:20] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has quit IRC (Read error: Connection reset by peer)[05:22:14] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has joined #postfix[05:22:40] *** visip <visip!~visix@gateway/tor-sasl/visip> has joined #postfix[05:29:41] <patdk-lap> you don't even have a postfix issue yet[05:29:56] <patdk-lap> just fix your broken dns[05:30:55] <inferus-vir> as far as i can tell everything on my dns works way they told us[05:31:09] <patdk-lap> way *they* told us?[05:31:12] <patdk-lap> did you not test it?[05:31:53] <inferus-vir> yes, i tested it, like i said, far as i can tell, it works just fine[05:32:32] <patdk-lap> dig mx myseneca.ca[05:32:39] <patdk-lap> that says?[05:33:11] <inferus-vir> whole screen of info.. pastebin it?[05:33:42] <patdk-lap> no, just the answer section[05:33:58] <inferus-vir> myseneca.ca. 2282 IN MX 0 myseneca-ca.mail.eo.outlook.com.[05:34:34] <patdk-lap> so why does your logs say it doesn't work?[05:34:36] <patdk-lap> https://pastebin.ca/3944125[05:35:06] <inferus-vir> if i knew that, i'd not ask for help, yes? :)[05:35:17] <patdk-lap> well, you didn't tell postfix to chroot[05:35:21] <patdk-lap> so it's something with your os[05:35:52] <inferus-vir> what's a chroot?[05:36:01] <patdk-lap> something to do with your os[05:36:41] <inferus-vir> something about changing root according to google[05:37:00] <inferus-vir> how/where/why do something like that to run mail?[05:37:59] <patdk-lap> this give the same result[05:37:59] <patdk-lap> host -t mx myseneca.ca[05:38:22] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has quit IRC (Remote host closed the connection)[05:38:47] <inferus-vir> myseneca.ca mail is handled by 0 myseneca-ca.mail.eo.outlook.com.[05:38:53] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has joined #postfix[05:43:39] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has joined #postfix[05:45:16] <inferus-vir> just in case, i checked again, it's not something that's getting dropped by my firewall[05:53:44] *** inferus-vir <inferus-vir!~inferus-v@192-0-174-247.cpe.teksavvy.com> has quit IRC (Quit: Time is fluid - stop counting & learn to swim!)[05:54:11] <patdk-lap> it wouldn't be[06:02:36] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[06:06:11] *** ariscop <ariscop!~Phase4@icookc.lnk.telstra.net> has quit IRC (Ping timeout: 248 seconds)[06:13:32] *** ariscop <ariscop!~Phase4@icookc.lnk.telstra.net> has joined #postfix[06:30:03] *** ld50 <ld50!~quassel@2001:41d0:8:baae::bad:deed> has quit IRC (Remote host closed the connection)[06:33:15] *** ld50 <ld50!~quassel@2001:41d0:8:baae::bad:deed> has joined #postfix[06:34:45] *** NightMonkey <NightMonkey!~NightMonk@pdpc/supporter/professional/nightmonkey> has quit IRC (Quit: ZNC - http://znc.in)[06:36:29] *** NightMonkey <NightMonkey!~NightMonk@pdpc/supporter/professional/nightmonkey> has joined #postfix[06:49:38] *** tmberg <tmberg!tmberg@unaffiliated/tmberg> has quit IRC (Ping timeout: 276 seconds)[06:50:05] *** tmberg <tmberg!tmberg@unaffiliated/tmberg> has joined #postfix[06:52:45] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has joined #postfix[06:53:12] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Quit: led_ir22)[06:55:30] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has quit IRC (Ping timeout: 260 seconds)[06:55:45] *** maslen <maslen!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 248 seconds)[06:56:07] *** phunyguy <phunyguy!~vault@ubuntu/member/phunyguy> has joined #postfix[07:12:04] *** Dolanyeah110 <Dolanyeah110!~dolanyeah@202.57.8.13> has joined #postfix[07:30:27] *** Masber_080 <Masber_080!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix[07:39:49] *** skodde <skodde!~skodde@unaffiliated/skodde> has quit IRC (Ping timeout: 255 seconds)[07:40:05] *** skodde <skodde!~skodde@unaffiliated/skodde> has joined #postfix[07:46:39] *** MACscr <MACscr!~MACscr@c-73-9-230-5.hsd1.il.comcast.net> has joined #postfix[07:54:06] *** ogny <ogny!~orkun@unaffiliated/ogny> has joined #postfix[08:00:37] *** MajPotatohead <MajPotatohead!~harold@unaffiliated/majpotatohead> has quit IRC (Remote host closed the connection)[08:10:25] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has quit IRC (Ping timeout: 248 seconds)[08:22:09] *** plee <plee!~kurt@127.84-48-165.nextgentel.com> has quit IRC (Quit: Leaving)[08:23:26] *** gavimobile <gavimobile!~GavrielC@199.203.211.196> has joined #postfix[08:24:56] <gavimobile> hey, i have a huge file named /sent located in root. anyone know if this is part of postfix?[08:29:24] *** visip <visip!~visix@gateway/tor-sasl/visip> has quit IRC (Remote host closed the connection)[08:30:26] *** visip <visip!~visix@gateway/tor-sasl/visip> has joined #postfix[08:42:49] *** Habbie <Habbie!peter@2a01:1b0:202:76::34> has left #postfix[08:42:51] *** Habbie <Habbie!peter@2a01:1b0:202:76::34> has joined #postfix[08:43:02] *** Habbie <Habbie!peter@2a01:1b0:202:76::34> has left #postfix[08:44:46] *** twb <twb!~twb@203.7.155.119> has quit IRC (Remote host closed the connection)[08:48:04] *** shal3r <shal3r!~shal3r@80.232.250.159> has joined #postfix[08:59:52] *** shal3r <shal3r!~shal3r@80.232.250.159> has quit IRC (Quit: emerge life)[09:11:51] *** Ellenor is now known as Reinhilde[09:17:27] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has quit IRC (Quit: ZNC - http://znc.in)[09:32:41] *** Darcidride <Darcidride!~Darcidrid@194.2.202.93> has joined #postfix[09:41:25] *** ariscop <ariscop!~Phase4@icookc.lnk.telstra.net> has quit IRC (Quit: Leaving)[09:42:29] *** Marc3l <Marc3l!~Marc3l@unaffiliated/marc3l> has joined #postfix[09:59:59] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has joined #postfix[10:00:48] *** NwS <NwS!~NwS@unaffiliated/nws> has joined #postfix[10:03:29] *** Isla_de_Muerte <Isla_de_Muerte!~NwS@unaffiliated/nws> has quit IRC (Ping timeout: 248 seconds)[10:11:27] *** Jellyg00se <Jellyg00se!~Alfie@195.99.134.162> has joined #postfix[10:25:59] *** Oclairi <Oclairi!~Oclair@91-115-61-219.adsl.highway.telekom.at> has joined #postfix[10:26:54] *** Oclair <Oclair!~Oclair@178-191-224-103.adsl.highway.telekom.at> has quit IRC (Ping timeout: 260 seconds)[10:33:23] *** ariscop <ariscop!~Phase4@58.106.177.140> has joined #postfix[10:35:28] *** Madda <Madda!~Madda@host88-241-dynamic.245-95-r.retail.telecomitalia.it> has joined #postfix[10:53:16] *** visip <visip!~visix@gateway/tor-sasl/visip> has quit IRC (Ping timeout: 248 seconds)[10:54:08] *** visip <visip!~visix@gateway/tor-sasl/visip> has joined #postfix[10:56:18] *** ntinos <ntinos!~quassel@snf-766783.vm.okeanos.grnet.gr> has joined #postfix[10:59:58] *** visip <visip!~visix@gateway/tor-sasl/visip> has quit IRC (Remote host closed the connection)[11:00:17] *** wolfshappen_ <wolfshappen_!~wolfshapp@static.120.52.4.46.clients.your-server.de> has quit IRC (Remote host closed the connection)[11:01:06] *** visip <visip!~visix@gateway/tor-sasl/visip> has joined #postfix[11:02:28] *** wolfshappen <wolfshappen!~wolfshapp@static.120.52.4.46.clients.your-server.de> has joined #postfix[11:10:37] *** Inray <Inray!~athan@2a02:1388:18a:fb3d:e59e:a143:e60d:9d50> has joined #postfix[11:11:02] *** Inray <Inray!~athan@2a02:1388:18a:fb3d:e59e:a143:e60d:9d50> has quit IRC (Client Quit)[11:13:40] *** ntinos <ntinos!~quassel@snf-766783.vm.okeanos.grnet.gr> has quit IRC (Read error: Connection reset by peer)[11:18:28] *** albech1 <albech1!~Thunderbi@5.103.131.12> has joined #postfix[11:23:23] *** visip <visip!~visix@gateway/tor-sasl/visip> has quit IRC (Remote host closed the connection)[11:24:23] *** visip <visip!~visix@gateway/tor-sasl/visip> has joined #postfix[12:02:54] *** Oclairi <Oclairi!~Oclair@91-115-61-219.adsl.highway.telekom.at> has quit IRC (Quit: Bye Bye)[12:32:17] *** Jellyg00se <Jellyg00se!~Alfie@195.99.134.162> has quit IRC (Quit: Leaving)[12:34:50] *** maslen <maslen!~maslen@unaffiliated/maslen> has joined #postfix[12:35:50] *** Jellyg00se <Jellyg00se!~Alfie@195.99.134.162> has joined #postfix[12:37:50] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 255 seconds)[12:41:21] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has joined #postfix[12:41:32] *** DTZUZO <DTZUZO!~DTZUZO@S0106bcd16584b0aa.vs.shawcable.net> has joined #postfix[12:42:47] *** syshero <syshero!~chaosmake@unaffiliated/chaosmaker> has joined #postfix[12:43:10] *** Masber_080 <Masber_080!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 260 seconds)[12:44:38] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has joined #postfix[12:46:20] *** sep_ <sep_!~sep@95.62-50-191.enivest.net> has quit IRC (Quit: Leaving)[12:46:35] *** sep <sep!~sep@2a04:2747:7e0b:d700:52e5:49ff:feeb:32> has joined #postfix[12:46:54] *** maslen <maslen!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 260 seconds)[12:47:28] *** Madda <Madda!~Madda@host88-241-dynamic.245-95-r.retail.telecomitalia.it> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[13:01:04] *** damyan^ <damyan^!damyan@mail.0x4711.org> has quit IRC (Remote host closed the connection)[13:01:26] *** damyan^ <damyan^!damyan@mail.0x4711.org> has joined #postfix[13:01:28] *** albech1 <albech1!~Thunderbi@5.103.131.12> has quit IRC (Read error: Connection reset by peer)[13:12:33] *** section1 <section1!~section1@190.194.68.34> has joined #postfix[13:15:38] *** chachasmooth_ <chachasmooth_!~chachasmo@unaffiliated/chachasmooth> has quit IRC (Ping timeout: 255 seconds)[13:15:39] *** chachasmooth <chachasmooth!~chachasmo@unaffiliated/chachasmooth> has joined #postfix[13:39:33] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has joined #postfix[14:05:10] *** synthroid <synthroid!~synthroid@50.202.5.122> has joined #postfix[14:48:15] *** maslen <maslen!~maslen@unaffiliated/maslen> has joined #postfix[14:49:53] *** maslen1 <maslen1!~maslen@unaffiliated/maslen> has quit IRC (Ping timeout: 258 seconds)[14:57:21] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[15:00:20] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has joined #postfix[15:00:47] *** eelstrebor <eelstrebor!~eelstrebo@216.75.116.100> has joined #postfix[15:01:49] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has joined #postfix[15:03:05] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:07:18] *** DzAirmaX <DzAirmaX!~DzAirmaX@unaffiliated/dzairmax> has joined #postfix[15:09:09] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has joined #postfix[15:14:02] *** masuberu <masuberu!~Masber@27-32-116-21.static.tpgi.com.au> has quit IRC (Ping timeout: 258 seconds)[15:15:50] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[15:25:04] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has joined #postfix[15:25:11] *** patdk-lap <patdk-lap!~patrickdk@2603:3003:3402:99f2:259c:6a0b:31d8:e09> has quit IRC (Ping timeout: 240 seconds)[15:26:18] *** Madda <Madda!~Madda@hq.m3team.it> has joined #postfix[15:39:13] *** patdk-lap <patdk-lap!~patrickdk@96-91-219-129-static.hfc.comcastbusiness.net> has joined #postfix[15:40:27] *** Madda <Madda!~Madda@hq.m3team.it> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[15:42:23] *** Madda <Madda!~Madda@hq.m3team.it> has joined #postfix[15:49:15] *** Madda <Madda!~Madda@hq.m3team.it> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)[15:49:56] *** Madda <Madda!~Madda@hq.m3team.it> has joined #postfix[15:51:26] *** Dolanyeah110 <Dolanyeah110!~dolanyeah@202.57.8.13> has quit IRC (Quit: Nettalk6 - www.ntalk.de)[15:54:44] *** Madda <Madda!~Madda@hq.m3team.it> has quit IRC (Client Quit)[15:56:22] *** Madda <Madda!~Madda@hq.m3team.it> has joined #postfix[16:02:44] <ld50> i'm trying to follow the handbook in regard to becoming an mx. the handbook says:[16:02:44] <ld50> the.backed-up.domain.tld relay:[their.mail.host.tld][16:02:44] <ld50> i'm not sure what is meant by "their" mail host. who are "they"? how to i fill in this placeholder?[16:03:12] <ld50> (this should go in the transport file according to the handbook)[16:06:13] *** pyco <pyco!~p@pierkorb.de> has joined #postfix[16:06:13] *** pyco <pyco!~p@pierkorb.de> has quit IRC (Changing host)[16:06:13] *** pyco <pyco!~p@pdpc/supporter/active/pyco> has joined #postfix[16:07:11] <survietamine> what's that handbook?[16:07:36] <survietamine> anyway, you should read the topic[16:11:06] <ld50> http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup this one.[16:11:06] <ld50> i have read the topic. am i not registered? i thought so, maybe authentication failed, i'll look into that[16:11:31] <ld50> or did i miss anything other than that?[16:13:16] <lunaphyte> if you're referring to the fbsd handbook, you'd want to consult with the fbsd support community for help with that document[16:14:09] <survietamine> ld50: so, you want to setup a mx backup?[16:14:11] <lunaphyte> ld50: just to be clear, when someone says "you should read the topic", it means" you should read the topic and then ACTUALLY follow the directions therein"[16:14:51] <lunaphyte> additionally, "backup" mxes are not wise, and generally unnecessary as well[16:16:30] <survietamine> ah no, sorry that snippet is from "When your system is PRIMARY MX..." section[16:16:55] <survietamine> 'the.backed-up.domain.tld' here is the domain you want to setup a MX for[16:19:24] <survietamine> and 'relay:[their.mail.host.tld]' should refer to the mail server which actually is final destination for that domain (but not listed in DNS)[16:19:52] <ld50> so that would be 127.0.0.1 in my case?[16:20:08] <ld50> i'm that server myself (at least i'm trying)[16:20:11] <survietamine> I have that kind of setup for some usecases. Internet => MX (my server) => another server in our lan/wan that handle that mails[16:20:26] <survietamine> for ticket systems and others stuffs I don't administrate[16:20:39] <survietamine> because we don't give them Internet IP[16:21:02] <survietamine> if it's for your own server, then you don't need this documentation[16:21:08] <survietamine> it is for "remote"[16:21:25] <ld50> i'm trying to become the primary mx for a subdomain and have set the mx record for blabla.exmaple.com to myserver.example.com[16:21:30] <survietamine> the title says "Configuring Postfix as primary or backup MX host for a remote site"[16:22:11] <ld50> i wasn't sure what remote site meant, but since all other documents i could find on google only covered being a backup mx, i went with this one[16:22:29] <ld50> at least it meantioned becoming a primary mx[16:22:58] <lunaphyte> !tell ld50 basic[16:22:58] <knoba> ld50: "basic" : http://www.postfix.org/BASIC_CONFIGURATION_README.html : a good starting place for Postfix beginners, many common questions are answered here.[16:23:50] <rob0> !address_classes[16:23:50] <knoba> rob0: "address_classes" : http://www.postfix.org/ADDRESS_CLASS_README.html describes how Postfix deals with different classes of addresses: local, relay, virtual alias, virtual mailbox, and Internet.[16:23:52] *** Gaaab <Gaaab!~Gaaab@host187-144-dynamic.33-79-r.retail.telecomitalia.it> has quit IRC (Remote host closed the connection)[16:24:11] *** ogny <ogny!~orkun@unaffiliated/ogny> has quit IRC (Ping timeout: 255 seconds)[16:26:08] <ld50> lunaphyte: thanks, i'll try to make some sense of it[16:26:08] <ld50> rob0: i'm assuming that hint was for me, i'll read through that as well[16:26:15] <ld50> thanks so far[16:27:55] *** pti-jean <pti-jean!~quassel@79.38.124.78.rev.sfr.net> has joined #postfix[16:29:02] <rob0> Yes, you seem to be following secondary MX instructions, when what you want is a primary/single MX.[16:30:00] <rob0> You can do relay_domains for a single MX, but you'd want that only if relaying to another (non-Postfix) delivery agent.[16:30:36] <rob0> More likely, to start out, you want to choose mydestination (local(8) delivery.)[16:32:04] <ld50> i have dovecot running and want all mail to end up there. i have defined a transport for that and configured it with virtual_transport = dovecot[16:33:07] <ld50> mydestination says "Do not specify the names of virtual domain", but if i understand everything correctly my domain is "virtual"[16:36:32] <ld50> so i guess i want to use relay_domains[16:38:04] <lunaphyte> i would[16:38:16] <lunaphyte> for relay to dovecot? that's what i would do[16:38:21] <lunaphyte> and use lmtp too[16:39:19] <ld50> at the moment the transport is defined like this:[16:39:20] <ld50> dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/dovecot-lda -f ${sender} -d ${mailbox}[16:39:30] <lunaphyte> that's using pipe(8), which is silly[16:39:33] <lunaphyte> use lmtp[16:39:52] <lunaphyte> pretty sure that's covered in the dovecot documentation[16:40:38] <survietamine> https://wiki2.dovecot.org/HowTo/PostfixDovecotLMTP[16:40:44] <survietamine> you have documentation in postfix too[16:40:51] <ld50> yes it is, but it only covers how you would configure it, not why you would want this[16:41:42] <ld50> pipe has been working fine for me so far, of course i trust you guys that lmtp will be better and i am sure i can get it to work - but i still don't know why[16:42:23] <lunaphyte> it's more efficient, and more flexible[16:42:57] <ld50> "With Dovecot 2.0 you can also use LMTP and the Postfix setting "reject_unverified_recipient" for dynamic address verification."[16:42:57] <ld50> this is definitely something i want :)[16:43:28] <lunaphyte> well, you'll do that no matter what, unrelated to use of lmtp[16:43:49] <ld50> with lmtp i don't need to query ldap[16:43:55] <rob0> LMTP runs in a single process, pipe invokes a new one each time[16:44:10] <lunaphyte> you should still query ldap. it's better[16:44:17] <rob0> no, lmtp still requires some kind of data backend, ldap being one possibility[16:44:42] <ld50> dovecot is already hooked into ldap[16:45:04] <rob0> The dynamic address verification thing is kind of kludgy.[16:45:28] <rob0> It can cause problems when addresses are removed.[16:45:35] <lunaphyte> ld50: and postfix should then also use ldap, directly, independently of whatever dovecot might be doing[16:46:21] <lunaphyte> people seem to have a very hard time grasping that in band, "dynamic" address verification is *not* the correct way to do things[16:46:25] <rob0> so no, while that sounds like a good idea from some perspectives, direct query for Postfix/smtpd address verification is best.[16:46:36] <ld50> in my case, address verification is already done by a third party anyway - my MX will only get mail for addresses that have been explicitly configured to be forwarded there and should receive mail only from that system. i'll try to firewall it off anyway[16:47:13] <rob0> hmm, you started off by saying you were the MX host[16:47:28] <rob0> now you're saying someone else is[16:47:36] <survietamine> I guess he still says that[16:47:51] <lunaphyte> it may be partially due to use of enticing language like "dynamic", which can seduce uninformed admins into making decisions based more on emotion than logic[16:47:58] <survietamine> just adding some precision that he is already filtering recipients[16:48:23] <survietamine> I'm not sure what you mean with firewall. Is that for brute force attacks?[16:48:48] <lunaphyte> but - guess what? direct ldap address verification is also "dynamic" - and has been that way since day one[16:48:49] <ld50> i am the primary MX for subdomain.example.com, i'll configure some of the addresses user at example dot com to be forwarded to user at subdomain dot example.com[16:49:08] <ld50> i am not in charge of the mx at example.com, only subdomain.example.com[16:49:21] <survietamine> hmm[16:49:27] <survietamine> there is DNS delegation[16:49:32] <survietamine> but no mail delegation[16:50:15] <ld50> this forwarding is being done by the mail server at example.com[16:50:19] <survietamine> if you set MX record for subdomain.example.com that messages won't go throught example.com mx[16:50:25] <survietamine> hmmm[16:50:31] <lunaphyte> ld50: that sort of forwarding is a no no[16:51:03] <lunaphyte> ld50: you'l have to accept all mail then, and can not reject any from the host which is forwarding[16:51:04] <ld50> if they are being sent to example.com, they'll go to example.com, that system forwards them to subdomain.example.com[16:53:04] <ld50> lunaphyte: the MX at example.com will already reject mail to unknown addresses etc., forwarding will only be configured for single addresses[16:54:04] <ld50> user at exmaple dot com will forward to user at subdomain dot example.com, user2 at example dot com will not forward. we're configuring this by hand[16:54:25] <lunaphyte> you can't do recipient verification on your server then, if it's getting mail forwarded from elsewhere[16:54:51] <survietamine> why don't you just setup dovecot lmtp service?[16:54:55] <ld50> i can check if i have the user in my ldap, but i'm considering disabling the verification altogether[16:56:20] <ld50> survietamine: maybe that is an option. could that accept mail from the example.com mx? i only have a webinterface to configure that one. i can create addresses, setup forwarding for an address[16:56:24] <ld50> not much else[16:56:43] *** dl8bh <dl8bh!~bammes@2a01:4f8:160:50eb::666> has quit IRC (Quit: WeeChat 1.9.1)[16:56:51] *** dl8bh <dl8bh!~bammes@shells.postadigitale.org> has joined #postfix[16:56:59] <dl8bh> what was the option in postfix to transform an alias to an address before relaying it via lmtp? atm dovecot is doing the recipient verification via lmtp, but back in the days, postfix did this for me[16:57:15] <dl8bh> I just dont remember the name of the specific setting[16:58:01] *** jucaroba <jucaroba!~quassel@static-153-155-225-77.ipcom.comunitel.net> has quit IRC (Ping timeout: 268 seconds)[16:58:59] <survietamine> ld50: sure, lmtp service accepts mails. I have no idea what your web interface is[16:59:21] <ld50> reading the wikipedia page on lmtp, i'm quite sure i can't get the example.com MX to speak lmtp with my subdomain.example.com server[17:00:26] <lunaphyte> probably not[17:00:39] <lunaphyte> well, that might not be true, technically[17:01:50] <ld50> the example.com MX is hosted by a provider and i can't do much with it, except configure the "user at example dot com" account to forward to "user at subdomain dot example.com"[17:02:19] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has joined #postfix[17:02:47] <lunaphyte> it's better to retrieve mail than to forward it[17:02:56] <lunaphyte> you can use imap, or possibly pop, to do that[17:03:11] <rob0> if you control the destination host, forwarding is fine[17:03:20] <lunaphyte> not really[17:03:25] <ld50> we've been doing that in the current setup. it gets ugly very quickly. the getmail instances die all the time[17:03:32] <lunaphyte> it's tolerable, but i wouldn't every categorize it as fine[17:03:39] <ld50> they all need imap credentials[17:03:39] <lunaphyte> *ever[17:05:29] <ld50> my idea was to eliminate the need for the ~100 getmail instances and become the mx for subdomain.exmaple.com, forward the mail there on an per-user-account basis[17:05:55] <rob0> btw it's generally best to start out with the goal :)[17:05:57] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has quit IRC (Ping timeout: 240 seconds)[17:06:25] <ld50> my mx would only ever need to talk to the providers system (the real example.com MX) and i could block all other connections via iptables[17:06:49] <lunaphyte> my question here would be why have the forward at all?[17:07:16] <lunaphyte> and, if it truly is such a genuine necessity, why are you unable to collaborate with the upstream admin?[17:07:41] <ld50> because it's the only way to get the mail from the provider. and because of reasons we have to stay with that provider.[17:08:11] <lunaphyte> get mail from the provider?[17:08:41] <ld50> i could retrieve it via IMAP, but this gets tiresome very quickly with many many instances of fetchmail or getmail.[17:08:56] <ld50> rob0: sorry, i should have given a bigger picture earlier ;)[17:08:59] <lunaphyte> yes, i agree[17:09:07] <lunaphyte> [about imap retrieval][17:09:24] <survietamine> can't you do some sieve rule?[17:10:39] *** nomeed <nomeed!~nomeed@p57A87584.dip0.t-ipconnect.de> has joined #postfix[17:10:57] <ld50> i have no sieve control over the providers servers. i can open their webinterface and configure user at example dot com to be forwarded to "user at subdomain dot example.com" (or user@you-name-it)[17:11:27] <ld50> maybe they even implement this as sieve rules, i don't know[17:14:13] <ld50> now i have to get my postfix to accept these connections. at the start, my postfix instance was configured for authenticated smtp from users and i didn't exactly know where to go from there so i started googling around for "postfix primary mx" and other keywords until i ended up here[17:14:51] <ld50> (authentication is being done by hooking postfix into dovecot and that hooks into ldap by the way)[17:15:34] <survietamine> if you have dovecot, you also have the imapc feature[17:15:36] <survietamine> that's fine[17:15:54] <survietamine> will sync some remote account[17:17:08] <ld50> i didn't know about imapc, looks interesting. but this would force me to keep the mail on the providers servers, storage there is very limited[17:17:09] *** synthroid <synthroid!~synthroid@50.202.5.122> has quit IRC (Remote host closed the connection)[17:17:55] <ld50> so it doesn't seem to be an option[17:20:01] <survietamine> what you mean with limited?[17:20:16] <survietamine> if you sync often, shouldn't it be ok?[17:20:55] <survietamine> I still be doing some imapfilter between imap accounts I don't administrate[17:21:17] <ld50> "The imapc storage accesses a remote IMAP server as if it were a regular Dovecot mailbox format", says the documentation. so all the mail has to be kept on the providers imap server as well.[17:21:38] <survietamine> but if you don't need to do complicated stuff on imap folders, imapc and dsync should be fine[17:23:54] <ld50> imapc keeps the mail on the providers servers, i can't do that because i will exceed their quota[17:24:24] <survietamine> it doesn't keep or something[17:25:59] <ld50> but that is what the documencation says?[17:26:40] <survietamine> if it's what between double-quotes, from what you pasted, I don't understand that[17:26:59] <ld50> https://wiki.dovecot.org/MailboxFormat/imapc[17:28:44] <survietamine> it's offtopic here, but I did things like this: doveadm -o pop3c_host=$MAILHOST -o pop3c_user=$USER -o pop3c_password=$PASSWORD -o imapc_host=$MAILHOST -o imapc_user=$USER -o imapc_password=$PASSWORD -o imapc_list_prefix=INBOX sync -1 -R -u $USER imapc:[17:29:40] <survietamine> so, for me imapc is just providing dovecot some imap/pop3 account as if it was dovecot storage. So it's easy to do dsync or others operations like replication[17:29:57] <survietamine> but ask in #dovecot if you are interested, cmouse is very valuable[17:30:31] *** gu1lle_ <gu1lle_!~Thunderbi@181.167.195.114> has joined #postfix[17:30:55] <ld50> i'd still need to have one imap client plus credentials per user account and do synchronisation, i'd like to avoid that. so becoming MX for subdomain.example.com is still what i want[17:32:10] <ld50> but many thanks for the advice anyway! maybe i can put it to use someday :)[17:32:19] <survietamine> hmm, I still don't get the big picture. You are MX for subdomain.example.com in the DNS on the Internet?[17:32:26] <ld50> yes i am[17:33:14] <ld50> but i don't care for email sent to subdomain.example.com unless it is forwarded by the systems at example.com (which i only have very limited control over)[17:33:29] *** synthroid <synthroid!~synthroid@50.202.5.122> has joined #postfix[17:33:37] <lunaphyte> my advice would be to just use subdomain.example.com as your email address[17:34:00] <ld50> can't do. user at example dot com addresses are in use everywhere, can't change that[17:34:03] <survietamine> yeah, but sometimes it's PITA to change remote systems contact infos[17:34:22] <survietamine> like we have big pain to change in DELL systems and some others[17:34:26] <lunaphyte> um, sorry, that's not "can't do".[17:34:38] <lunaphyte> that's "don't want to do because it will be difficult"[17:34:59] <ld50> i simply can't. if i propose that to my superior he will say "no." and that's the end of that[17:35:22] <survietamine> im my case, it's not only that. It's also "because, even if they say it's OK, I cannot trust them"[17:36:13] <survietamine> yes, people at example.com should be more collaborative with you[17:36:35] <ld50> people at example.com are a big company and don't care at all about this[17:36:51] <ld50> i do't even have contact with any admins there[17:37:18] <ld50> only hotline-level acces there. and i already tried to turn it off and on again[17:39:51] *** spammy <spammy!~shawniver@208-70-47-114.bb.hrtc.net> has quit IRC (Ping timeout: 260 seconds)[17:40:34] <survietamine> tell them "pleaaasee, I've talked to rob0 and lunaphyte on #postfix"[17:41:37] *** spammy <spammy!~shawniver@206.225.79.131> has joined #postfix[17:43:19] <ld50> survietamine: i feel you on not being able to trust superiors when they say something is okay. often they don't understand the implications even when you go to lengths to explain it[17:46:58] <lunaphyte> ld50: i understand being stuck like that.[17:47:04] <ld50> so, anyway. i'll read through the documents provided, ADDRESS_CLASS_README.html and BASIC_CONFIGURATION_README.html and try to apply it to my situation. thanks for all the time you people took to reply, it's very much appreciated.[17:50:39] *** Jellyg00se <Jellyg00se!~Alfie@195.99.134.162> has quit IRC (Quit: Leaving)[17:52:33] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[17:54:10] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has quit IRC (Remote host closed the connection)[17:54:46] *** sklv <sklv!~sklv@gateway/tor-sasl/sklv> has joined #postfix[18:00:27] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has quit IRC (Read error: Connection reset by peer)[18:18:35] *** quan <quan!~quassel@50.35.109.212> has joined #postfix[18:23:01] *** sarri <sarri!~sari@unaffiliated/sarri> has quit IRC (Ping timeout: 260 seconds)[18:23:27] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has joined #postfix[18:23:27] *** sarri <sarri!~sari@p50995cae.dip0.t-ipconnect.de> has quit IRC (Changing host)[18:23:27] *** sarri <sarri!~sari@unaffiliated/sarri> has joined #postfix[18:24:05] *** Darcidride_ <Darcidride_!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has joined #postfix[18:31:47] *** Madda <Madda!~Madda@hq.m3team.it> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[18:32:47] *** mikecmpbll <mikecmpbll!~mikecmpbl@ruby/staff/mikecmpbll> has quit IRC (Quit: inabit. zz.)[18:38:25] *** skylite <skylite!~skylite@BC061735.catv.pool.telekom.hu> has quit IRC (Read error: Connection reset by peer)[18:39:16] *** skylite <skylite!~skylite@BC061735.catv.pool.telekom.hu> has joined #postfix[19:04:13] *** chowbok <chowbok!~chowbok@207.181.255.76> has quit IRC (Ping timeout: 252 seconds)[19:20:48] <RadoQ> Moin. Is there a command to "hold" all incoming mails and deliver nothing?[19:21:21] <tuxick> systemctl stop postfix[19:21:36] <RadoQ> It should still accept and spool them.[19:21:59] <RadoQ> spool -> queue[19:22:10] *** chowbok <chowbok!~chowbok@207.181.255.76> has joined #postfix[19:22:32] <RadoQ> So that once they're supposed to be released they get out.[19:32:15] *** mactimes <mactimes!~mactimes@unaffiliated/mactimes> has joined #postfix[19:36:46] <mactimes> !relevant_logs[19:36:47] <knoba> mactimes: "relevant_logs" : mail.* syslog Postfix log messages (NOT verbose, see !no_verbose) which show ONLY the entire handling of a single mail which illustrates the issue with which you want help. Random selections from your mail log are not adequate. IMAP/POP3 daemons and external delivery agents often log to the same syslog facility and should not be shown. Also see http://rob0.nodns4.us/postfix-logging[19:37:40] <mactimes> !showconfig[19:37:41] <knoba> mactimes: "showconfig" : when asked to provide your config, please provide a SINGLE pastebin (see !pastebin) with postconf -nf and postconf -Mf. if your version is too old for those commands to work (< 2.9), you should upgrade, but see !showconfig_old[19:38:57] *** Darcidride <Darcidride!~Darcidrid@194.2.202.93> has quit IRC (Remote host closed the connection)[19:41:03] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has quit IRC (Ping timeout: 248 seconds)[19:43:07] *** Darcidride_ <Darcidride_!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has quit IRC (Remote host closed the connection)[19:43:30] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has joined #postfix[19:45:48] <pj> RadoQ: no postfix will not accept and store mail when it's not running, the only exception to that is the postdrop (sendmail) command.[19:48:23] <pj> RadoQ: I've found this works: smtpd_sender_restrictions = check_sender_access static:HOLD[19:48:43] <pj> of course you can do that with any access map and on any smtpd_*_restrictions setting.[19:51:36] *** Death_rattle__ <Death_rattle__!~death@p200300EDEBC6B0005D819F8666ED8B74.dip0.t-ipconnect.de> has joined #postfix[19:52:53] <mactimes> Hi. I just found out my postfix (3.1.6) is being used to send SPAM. Here's an example from latest log: https://pastebin.ca/3944366 Notice that I replaced my actual e-mail address to myusername at mydomain dot tld and the recipients to "! ---------- OUTPUT SUPPRESSED ----------" for privacy.[19:55:02] <mactimes> The spammer is using my actual e-mail account to authenticate, possibly, without the password. I'd be glad if someone could help as I feel horrible my equipment is being used for this.[19:56:14] *** Darcidride <Darcidride!~Darcidrid@2a01:e35:8b4a:ca10:c74:af6a:ef72:f0b1> has quit IRC (Quit: Bye.)[19:56:35] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has joined #postfix[19:58:04] <petn-randall> mactimes: Now you're only missing the config paste for us to make recommendations.[19:58:36] *** ptx0 <ptx0!~cheesus_c@unaffiliated/ptx0> has joined #postfix[20:00:55] <mactimes> petn-randall, I'm using virtual mappings. Should I past all, including the database queries?[20:01:37] <petn-randall> mactimes: Well, what the !showconfig factoid says. Gotta run now, but someone else might help you out.[20:01:52] <mactimes> petn-randall, Thanks.[20:05:52] <mactimes> Here's the syslog portion of interest, postconf -nf and postconf -Mf https://pastebin.ca/3944373 If necessary, let me know and I'll post all the mysql-*.cf files and smtpd.conf file too.[20:11:41] *** Diemuzi <Diemuzi!~IceChat9@unaffiliated/diemuzi> has quit IRC (Quit: See you on the flip side)[20:19:13] <jaybe> 1) someone knows password; change password. 2) how could someone authenticate to your account without credentials?[20:20:13] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: No Ping reply in 180 seconds.)[20:24:21] <mactimes> jaybe, I have just changed and problem persists. I'm not sure authentication is being checked properly and I don't know how to follow the authentication flow to make sure. Using an e-mail client (thunderbird, for instance), I can only send e-mails with correct password set.[20:25:03] <jaybe> do you have local users? do you have web/php running on that box and or relaying through it?[20:26:51] <mactimes> jaybe, I can see from the logs (such as the one I posted) that connection is remote.[20:28:22] <mactimes> jaybe, Here's a recent log excerpt: Dec 4 17:15:47 srv01 postfix/smtpd[27071]: connect from unknown[201.159.92.190] | Dec 4 17:15:54 srv01 postfix/smtpd[27071]: 024DE1A0453: client=unknown[201.159.92.190], sasl_method=PLAIN, sasl_username=MY_ACTUAL_EMAIL_ADDRESS | Dec 4 17:15:57 srv01 postfix/cleanup[27088]: 024DE1A0453: message-id=<> | Dec 4 17:15:57 srv01 postfix/qmgr[27069]: 024DE1A0453: from=<MY_ACTUAL_EMAIL_ADDRESS>, size=2686,[20:28:22] <mactimes> nrcpt=4 (queue active)[20:29:13] <mactimes> jaybe, I'm led to believe that it is, somehow, related to the SASL authentication portion. But, again, I don't know where to start troubleshooting it.[20:29:29] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[20:29:38] <mactimes> jaybe, It seems that, someone, authentication is being just "skipped".[20:29:48] <mactimes> s/someone/somehow[20:31:04] <jaybe> notice you didn't answer my questions[20:32:00] <mactimes> jaybe, Don't have local users (virtual e-mail mappings only), I have web/php running on that box, nothing is relaying through it.[20:32:45] <mactimes> jaybe, None of the web/php uses my actual e-mail address, which is being used, somehow, to connect.[20:33:12] *** Death_rattle__ <Death_rattle__!~death@p200300EDEBC6B0005D819F8666ED8B74.dip0.t-ipconnect.de> has quit IRC (Quit: bye)[20:35:55] <mactimes> jaybe, Hummm. What you said about local users rang a bell here.[20:36:35] <mactimes> jaybe, I actually have a local account, which doesn't have a mailbox, but has the same username portion of the e-mail.[20:37:35] <mactimes> I'm blocking it now to see what happens.[20:37:59] <rob0> sasl_username= ... the botnet has your creds[20:40:10] <mactimes> After blocking local *nix account, problem persists.[20:40:27] <mactimes> rob0, I just changed the password...[20:41:24] <mactimes> rob0, I just changed the password, restarted postfix and the same happened, almost instantly.[20:41:49] <rob0> was it the local username used, or the virtual email address? You munged that part.[20:42:07] <mactimes> rob0, the virtual e-mail address.[20:42:19] <rob0> BTW, "postfix stop" to stop sending out more spam.[20:42:19] <mactimes> rob0, On both parts.[20:42:28] <mactimes> rob0, Just did.[20:43:03] <rob0> then how would blocking the local username stop this? You need to revoke the creds for the virtual user.[20:43:06] <rob0> also,[20:43:09] <mactimes> rob0, I had previously broken the authentication part on purpose to avoid sending spam, but keep receiving messages. I just returned the previous configuration and stopped postfix.[20:43:18] <rob0> !check_sasl_access[20:43:18] <knoba> rob0: "check_sasl_access" : smtpd(8) restriction to check an access(5) database for the SASL username, see: http://www.postfix.org/postconf.5.html#check_sasl_access (available Postfix 2.11+)[20:44:05] <rob0> I note a few problems in your logs, to-wit:[20:44:49] <rob0> 1. You're either submitting (accepting submission) on port 25, or you don't have -o syslog_name set for submission[20:45:08] <rob0> 1. enable_long_queue_ids[20:45:15] <rob0> !enable_long_queue_ids[20:45:15] <knoba> rob0: "enable_long_queue_ids" : Enable long, non-repeating, queue IDs (queue file names). The benefit of non-repeating names is simpler logfile analysis and easier queue migration (there is no need to run postsuper to change queue file names that don't match their message file inode number). See http://www.postfix.org/postconf.5.html#enable_long_queue_ids[20:45:57] <rob0> uh, that was supposed to be 2[20:46:05] <mactimes> I realized. ;-)[20:46:45] <mactimes> Any further checks I should run, aside from those?[20:48:41] <rob0> LOT of strange stuff in the config, unfortunately I am not able to take the time to pick over it[20:49:15] <rob0> some highlights, it looks like you're using Cyrus SASL alongside Dovecot IMAP, why? That's mad.[20:50:03] *** linex <linex!~quassel@58.26.242.250> has quit IRC (Quit: No Ping reply in 180 seconds.)[20:50:59] <rob0> but to stop the bleeding,[20:51:56] <rob0> set a check_sasl_access restriction with a lookup of "username at example dot com reject compromised"[20:52:07] <rob0> !postsuper[20:52:07] <knoba> rob0: "postsuper" : the queue supervision tool for postfix. Use it with the option "-d" to remove mails from the queue. See 'man postsuper' for more information.[20:52:20] <rob0> put everything on hold ^^ see manual[20:52:59] <rob0> then it should be safe to restart, and you'll have time to get a script to parse the mailq output and purge the spam[20:53:10] <mactimes> I got a bit lost with the manual from postfix official site. To many "tutorials" and "howto's", but the actual flow and "queries" are too obscure for me.[20:53:47] <rob0> after spam is purged from queue, release the remaining held mail (again see postsuper's manual), which should not be much if any[20:53:50] <mactimes> I already ran postsuper -d ALL a bunch of times to clean the queue.[20:53:56] <rob0> ah[20:54:34] <mactimes> Everytime I start postfix to check the logs and see things are still f***ed up, I stop it and clear the queue.[20:54:58] <rob0> did you set a restriction as suggested?[20:55:25] <rob0> also, again, Cyrus SASL, that's silly[20:55:30] <mactimes> I'll do that. I'll check your recommendations from the very top and go through them.[20:56:24] <rob0> Anyone who wrote a howto setting up Cyrus SASL on a system with Dovecot was not a person you would want to listen to.[20:57:27] <mactimes> I think that was some "howto" someone here followed from a guy nicknamed "falko" or something like that.[20:57:36] <mactimes> But I'm not really sure.[21:00:02] <mactimes> rob0, I'm pretty sure I should trash all the configuration and start over, but, again, while trying to understand the parameters and flow from postfix.org, things get a bit obscure for me.[21:02:15] *** sebastienthiry <sebastienthiry!~Thunderbi@109.134.85.160> has joined #postfix[21:03:14] *** section1 <section1!~section1@190.194.68.34> has quit IRC (Remote host closed the connection)[21:08:19] *** linex <linex!~quassel@58.26.242.250> has joined #postfix[21:10:48] *** Oclair <Oclair!~Oclair@212-186-178-98.static.upcbusiness.at> has joined #postfix[21:24:06] *** led_ir23 <led_ir23!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[21:25:08] *** troys <troys!~troys@23-24-139-177-static.hfc.comcastbusiness.net> has joined #postfix[21:26:48] *** led_ir23 <led_ir23!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Read error: Connection reset by peer)[21:27:56] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Ping timeout: 255 seconds)[21:31:31] *** MacWinner <MacWinner!~Blah@136.24.54.73> has joined #postfix[21:36:42] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[21:49:35] *** DzAirmaX <DzAirmaX!~DzAirmaX@unaffiliated/dzairmax> has quit IRC (Ping timeout: 240 seconds)[21:51:44] *** DzAirmaX <DzAirmaX!~DzAirmaX@unaffiliated/dzairmax> has joined #postfix[21:54:43] <mactimes> rob0, I decided to take the server down. Just finished backups for the mailboxes. I'll try and write a new, clean configuration. Thanks for all the support.[21:54:53] <mactimes> jaybe, Thank you, too, for all the insights.[21:56:26] *** mactimes <mactimes!~mactimes@unaffiliated/mactimes> has quit IRC (Quit: Leaving)[21:57:47] *** wk-work <wk-work!~quassel@office-osl3-tech-nat.osl.basefarm.net> has joined #postfix[22:05:05] *** mactimes <mactimes!~mactimes@unaffiliated/mactimes> has joined #postfix[22:09:24] *** led_ir22 <led_ir22!~Thunderbi@hotspot10.rywasoft.net> has quit IRC (Read error: Connection reset by peer)[22:09:24] *** led_ir23 <led_ir23!~Thunderbi@hotspot10.rywasoft.net> has joined #postfix[22:11:45] *** led_ir23 is now known as led_ir22[22:13:15] <jaybe> mactimes: welcome- for the little prodding i did. glad you have a path forward. and i think startung fresh with a focus on comprehension and understanding makes good sense.[22:14:27] <jaybe> postfix.org for actual/real docs and conprehension. perhaps also review and enjoyment of how others choose to do things via workaround.org. avoid the “tutorials” everywhere really.[22:16:22] *** sebastienthiry <sebastienthiry!~Thunderbi@109.134.85.160> has quit IRC (Quit: sebastienthiry)[22:18:30] *** fatdragon <fatdragon!~fatdragon@cpe-107-184-105-188.socal.res.rr.com> has joined #postfix[22:18:38] *** Oclair <Oclair!~Oclair@212-186-178-98.static.upcbusiness.at> has quit IRC (Quit: Bye Bye)[22:18:39] <mactimes> jaybe, Yeah, I tried (not too hard though) to follow the documentation. Some portions of "how things flow" got me confused. I usually avoid tutorials, as things are not always like the tutorials show and you end up with more problems than doing a clean, fresh, manual setup.[22:20:48] <jaybe> without understanding and conprehension you are setting yourself up for pain the moment something differs from where you originally got thing “working”[22:25:06] *** cromag <cromag!~cromag@irssi/user/cromag> has quit IRC (Ping timeout: 246 seconds)[22:38:28] <quan> Anyone seen this? "spamass-milter[1329]: Could not retrieve sendmail macro "i"!. Please add it to confMILTER_MACROS_ENVFROM for better spamassassin results"[22:38:38] <quan> https://paste.ee/p/gN7yh[22:43:51] <quan> How about this one? " warning: restriction `reject_authenticated_sender_login_mismatch' ignored: no SASL support"[22:52:00] *** syshero <syshero!~chaosmake@unaffiliated/chaosmaker> has quit IRC (Quit: Textual IRC Client: www.textualapp.com)[22:53:05] *** kingkong <kingkong!~Admin@shellium/member/kingkong> has quit IRC (Quit: www.ChatQ.Net New Style Chat Site)[22:53:48] *** kingkong <kingkong!~Admin@chatq.net> has joined #postfix[22:53:48] *** kingkong <kingkong!~Admin@chatq.net> has quit IRC (Changing host)[22:53:48] *** kingkong <kingkong!~Admin@shellium/member/kingkong> has joined #postfix[23:03:50] *** FinboySlick <FinboySlick!~shark@74.117.40.10> has quit IRC (Quit: Leaving.)[23:09:01] <quan> I'm baffled too.[23:11:07] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has quit IRC (Quit: cemotyz09)[23:11:34] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has joined #postfix[23:11:50] <rob0> well, I don't use spamass-milter, but the error appears to suggest an answer[23:12:51] <rob0> The Postfix warning OTOH is quite clear: you're using a SASL-based restriction on a system where SASL is not available or not enabled.[23:13:44] *** NwS <NwS!~NwS@unaffiliated/nws> has quit IRC (Quit: See you in Isla de Muerte!)[23:15:41] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has quit IRC (Client Quit)[23:16:07] *** cemotyz09 <cemotyz09!~cemotyz09@cpe-70-121-157-202.satx.res.rr.com> has joined #postfix[23:18:50] <quan> rob0: Thanks. Just figured out what it is and enabled it. Testing now.[23:21:04] <quan> BTW, I tried to set up a systemd socket for spamassassin (like clamd), but it just does not respond. I guess it's not supported.[23:21:58] *** ariscop <ariscop!~Phase4@58.106.177.140> has quit IRC (Quit: Leaving)[23:37:27] *** Reinhilde is now known as Ellenor[23:52:59] *** pti-jean <pti-jean!~quassel@79.38.124.78.rev.sfr.net> has quit IRC (Remote host closed the connection)[23:56:08] *** synthroid <synthroid!~synthroid@50.202.5.122> has quit IRC ()